CryptFIle2 Ransomware - IOC


1) Ransomware Name - CryptFIle2

2) Encrypted Extensions - .scl

3) Ransom Note File -
HELP_YOUR_FILES.HTML
HELP_YOUR_FILES.TXT

4) Encrypted Algorithm - RSA

5) Decryptor Link - NA

6) Screenshots -


7) Indictors of Compromise -
E-Mail1: pchelp_@_post.com
E-Mail2: xerx_@_usa.com
E-MAIL1: xoomx@dr.com
E-MAIL2: xoomx@usa.com



8) File Details -
the MD5 a0fed8de59e6f6ce77da7788faef5489
the SHA1 96ebbf821f37dc2dcebc177fc3a6c17b3171aab3
the SHA256 004cdc6996225f244aef124edc72f90434a872b3d4fa56d5ebc2655473733aef
ssdeep1536: SkZzt5HhE73kH54aUEvVqs / PKO97CDkDG2LyeUOKFCDRifOVDYEzJOlHLum6: DLphG5GaO97aMG2 + eUO + 7iDYEz4V6
authentihash  02bbd6a17de7c6ae1040add710f2029ace6c11baf8379df68fd98c94cf37c922
imphash  f6e5d8f2cfa29eac9c49b4227f4961fa
File size 100.0 KB (102400 bytes)
Type of file Win32 EXE
DescriptionPE32 executable for MS Windows (GUI) Intel 80386 32-bit

Comments